CVE-2018-19951

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code.
This issue affects:
QNAP Systems Inc. Music Station
versions prior to 5.1.13;
versions prior to 5.2.9;
versions prior to 5.3.11.

Source: CVE-2018-19951